Security

Security news roundup: February 10

Here's a collection of recent security vulnerabilities and alerts, which covers a vulnerability in the multiuser version of the popular WordPress, a new release of the Windows client for Skype which fixes several vulnerabilities, critical vulnerabilities found in Sun's Java Runtime Environment, a memory corruption vulnerability found in IBM's DB2 Universal Database Administration Server, a slew of vulnerabilities resolved in SuSE and Microsof's upcoming Patch Tuesday for the month of February.

Here's a collection of recent security vulnerabilities and alerts, which covers a vulnerability in the multiuser version of the popular WordPress, a new release of the Windows client for Skype that fixes several vulnerabilities, critical vulnerabilities found in Sun's Java Runtime Environment, a memory corruption vulnerability found in IBM's DB2 Universal Database Administration Server, a slew of vulnerabilities resolved in SuSE, and Microsof's upcoming Patch Tuesday for February.

  • Vulnerability in multiuser version of WordPress

A vulnerability has been discovered in the multiuser version (MU) of WordPress. It can allow attackers to take control of the server. For the uninitiated, WordPress MU is a wrapper around the core WordPress, allowing hundreds of thousands of blogs to be hosted with a single installation.

Users who have access to the "'manage_options" and "upload_files" capabilities will be able to inject and execute arbitrary PHP code by leveraging on the vulnerability.

WordPress MU 1.3.1 is affected, and an exploit has already been posted on milw0rm here. As such, system administrators are strongly encouraged to upgrade to either 1.3.2 — which doesn't contain the vulnerability — or skip straight to the latest version 1.3.3.

  • Skype releases updated Windows client

A new version of Skype has been released that fixes several security bugs in the Windows client of the popular VoIP application.

One of the vulnerabilities, the Skype Cross Zone Scripting Vulnerability, resulted from Skype using Internet Explorer's Web control to render its HTML content. The discovered vulnerability allowed scripts to be run in unlocked Local Zone security context of IE and its execute shell.

The Skype security bulletin elaborates on how an exploit can happen:

In order to exploit this an attacker must exploit code injection vulnerability at content provider site. Such vulnerabilities were discovered in Dailymotion website, in Metacafe Pro video submission software as well as in Skype's own SkypeFind. All of them have been fixed at the time of issuing this bulletin.

The new version is 3.6.0.248 and resolved several other flaws. You can either use Skype's internal update function to update to the latest version or download the software manually.

  • Critical vulnerabilities discovered in Sun Java Runtime

Two vulnerabilities have been discovered in Sun's Java Runtime Environment (JRE), which could be remotely exploited to gain control of the affected system.

According to vulnerability reporting site FrSIRT:

These issues are caused by unspecified errors when handling certain untrusted applications or applets, which could be exploited by a malicious web site to cause a downloaded application or applet to elevate its privileges and grant itself permissions to read and write local files or execute local applications with the privileges of the logged-on user.

Further information is unavailable at this point, and it is not known if a workaround or fix is available.

  • Memory corruption vulnerability found in IBM's DB2 Universal Database Administration Server

Version 9.1 of IBM's DB2 Universal Database Administration Server (DAS) has a memory corruption vulnerability that can allow remote attackers to crash the service or potentially execute arbitrary code.

The fault lies in that the DAS uses a 32-bit pointer supplied by the remote client. An attacker is hence able to corrupt the server's memory by specifying arbitrary memory locations.

IBM has addressed these vulnerabilities by releasing Fix Pack 4 for its Version 9.1 and FixPak 16 for its Version 8 of its Universal Database product product.

  • SuSE resolves slew of vulnerabilities
SuSE has released a security update highlighting solved security issues identified in various vulnerable SuSE components. The affected modules are Java, nss_ldap, cairo, geronimo, moodle, SDL_image, python imageop, Mysql, NX, and xemacs. The resolved flaws could be exploited to bypass security restrictions, result in information disclosure, denial of service, or even a system compromise. Many of the identified components feature multiple flaws that were resolved.

The good news is that there are no pending vulnerabilities other than the above list. You can check out the full excerpt of SuSE's security summary report here.

  • Microsoft to release 12 updates for February's Patch Tuesday

Microsoft will be distributing a total of 12 security updates this coming Patch Tuesday, February 12. This bumper crop of 12 updates follows the two security updates in January just last month. As a comparison, there was a total of 69 updates released in the whole year of 2007 — or an average of just under six a month.

Users running Windows 2000, Windows XP, and Windows Vista are affected by the vulnerabilities. Seven of the "critical" security update fixes vulnerabilities in the usual trio — Office, Windows, and Internet Explorer. The other five updates are classified as "important" and fix problems with Internet Information Server (IIS) and Microsoft Office.

You can check out Microsoft's Security Bulletin Advance notification if you like.

About Paul Mah

Paul Mah is a writer and blogger who lives in Singapore, where he has worked for a number of years in various capacities within the IT industry. Paul enjoys tinkering with tech gadgets, smartphones, and networking devices.

Editor's Picks

Free Newsletters, In your Inbox